30 December 2021
Containerd with Harbor
Previously we explained how to install a Harbor server and how to configure CRI-O to use it.
In this case we will see how the configuration is if our container runtime is Containerd.
Containerd
To carry out this configuration, you will have to access the nodes and there
create or modify the file /etc/containerd/config.toml
:
version = 2
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://harbor-cache.example.com/v2/proxy.docker.io/"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."gcr.io"]
endpoint = ["https://harbor-cache.example.com/v2/proxy.gcr.io/"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."k8s.gcr.io"]
endpoint = ["https://harbor-cache.example.com/v2/proxy.k8s.gcr.io/"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."quay.io"]
endpoint = ["https://harbor-cache.example.com/v2/proxy.quay.io/"]
# [plugins."io.containerd.grpc.v1.cri".registry.configs."harbor-cache.example.com".tls]
# ca_file = "/etc/containerd/harbor.pem"
In this case, four of the most used registries are configure
docker.io
: The official Docker registry.gcr.io
: Google Container Registry, official images from Google.k8s.gcr.io
: Google Kubernetes Engine Container Registry, the main Kubernetes image-serving system.quay.io
: a private Docker registry operated by the Red Hat organization.
These were the four projects defined at Harbor earlier. You will have to add a similar line in this file for each extra project you want to add.
Remember that for the configuration to take effect, the containerd service must be restarted:
systemctl daemon-reload
systemctl restart containerd